package com.zhang.webadmin.config;

import com.zhang.webadmin.filter.LoginTokenFilter;
import com.zhang.webadmin.handler.LoginFailHandler;
import com.zhang.webadmin.handler.LoginSuccessHandler;
import com.zhang.webadmin.handler.MyLogoutSuccessHandler;
import jakarta.annotation.Resource;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.CorsConfigurationSource;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;

//@EnableMethodSecurity
@Configuration
public class SecurityConfig {

    @Resource
    private LoginSuccessHandler loginSuccessHandler;
    @Resource
    private LoginFailHandler loginFailHandler;
    @Resource
    private MyLogoutSuccessHandler myLogoutSuccessHandler;
    @Resource
    private LoginTokenFilter loginTokenFilter;

    @Bean
    public PasswordEncoder cryptPasswordEncoder() {
        return new BCryptPasswordEncoder();
    }

    @Bean
    public CorsConfigurationSource corsConfigurationSource() {
        CorsConfiguration corsConfiguration = new CorsConfiguration();
        corsConfiguration.addAllowedOrigin("*");
        corsConfiguration.addAllowedMethod("*");
        corsConfiguration.addAllowedHeader("*");

        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
        source.registerCorsConfiguration("/**", corsConfiguration);
        return source;
    }

    @Bean
    public SecurityFilterChain securityFilterChain(HttpSecurity http, CorsConfigurationSource corsConfigurationSource) throws Exception {
        return http
                .formLogin(formLogin -> {
                    formLogin.loginProcessingUrl("/user/login");
                    formLogin.successHandler(loginSuccessHandler);
                    formLogin.failureHandler(loginFailHandler);
                })
                .logout(logout -> {
                    logout.logoutUrl("/user/logout");
                    logout.logoutSuccessHandler(myLogoutSuccessHandler);
                })
                .authorizeHttpRequests(a -> {
                    a.anyRequest().authenticated();
                })
                .csrf(csrf -> csrf.disable())
                .cors(cors -> {
                    cors.configurationSource(corsConfigurationSource);
                })
                .sessionManagement(s -> {
                    // 禁用session
                    s.sessionCreationPolicy(SessionCreationPolicy.STATELESS);
                })
                .addFilterAfter(loginTokenFilter, UsernamePasswordAuthenticationFilter.class)
                .build();
    }
}
